CVE-2022-0831

Description

Pimcore version 10.3.2 and prior is vulnerable to stored cross-site scripting. A patch is available and anticipated to be part of version 10.3.3.

Affected packages (1)

• Packagist/pimcore/pimcorefrom 0, < 10.3.3

CVSS scores

References (4)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2022-0831
• PATCHhttps://github.com/pimcore/pimcore
• WEBhttps://github.com/pimcore/pimcore/commit/e786fd44aac46febdbf916ed6c328fbe645d80bf
• WEBhttps://huntr.dev/bounties/4152e3a7-27a1-49eb-a6eb-a57506af104f